Job Title: Security Tester
Job Level: Mid-level
Reports to: Project Lead - II
Department: QA Team
Location: Cochin
Job Summary:
We are seeking a skilled and proactive Security Tester with 3–4 years of experience in identifying, analyzing, and mitigating security risks in applications and systems. The ideal candidate will have a strong understanding of security testing tools and methodologies, with hands-on experience in penetration testing, vulnerability assessment, and secure coding practices.
Key Responsibilities:
- Conduct application-level security testing (web, mobile, APIs) including penetration testing and vulnerability assessments
- Identify and exploit vulnerabilities to assess risk and impact
- Perform static (SAST) and dynamic (DAST) code analysis using automated tools
- Validate and document security findings with detailed proof-of-concept and risk ratings
- Collaborate with development and QA teams to drive secure software development practices
- Assist in threat modeling and security requirements gathering for new features
- Ensure compliance with industry security standards (OWASP Top 10, SANS 25, etc.)
- Track and follow up on security issues until resolution
- Stay current on security threats, vulnerabilities, tools, and trends.
Required Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or a related field
- 3–4 years of experience in application security testing or ethical hacking
- Hands-on experience with tools such as Burp Suite, OWASP ZAP, Metasploit, Nikto, Nessus, etc.
- Good understanding of secure coding practices, network security, and common vulnerabilities
- Familiarity with scripting (Python, Bash, etc.) is a plus
- Strong analytical and problem-solving skills
- Excellent communication skills (both written and verbal)
- Security certifications like CEH, OSCP, GWAPT, or similar are a plus.
- Experience working in DevSecOps environments.
- Exposure to CI/CD pipelines and integrating security testing tools.
- Experience with cloud security (AWS, Azure, GCP)